Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HIdden Files and how to gain access


  • Please log in to reply
5 replies to this topic

#1 kiwipoppy

kiwipoppy

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 26 March 2013 - 12:43 AM

Hi,am running win 7 ultimate on a stand alone computer not currently connected to the internet.I am only user and have two visible accounts,a standard admin,and the Built in admin account
Recent scans have shown the existence of an account named C:\users\ADMINI~1,its files are hidden,and cannot be shown,I have tried the folder option panel,the attrib command and would like to know what else I can try.
Many thanks


Edited by hamluis, 27 March 2013 - 07:14 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,414 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:03 PM

Posted 26 March 2013 - 03:37 PM

Do you have a Symantec program installed?

 

http://www.symantec.com/business/support/index?page=content&id=TECH176302

 

Louis



#3 kiwipoppy

kiwipoppy
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 26 March 2013 - 08:12 PM

No,no Symantec....but some suspicious activity...will detail if this is correct place to do so

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,414 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:03 PM

Posted 27 March 2013 - 10:58 AM

"Suspicious" is one of those words...that connote/denote absolutely nothing, since more detail is necessary for anyone to have a clue as to what might "suspicious" in the mind of the speaker/talker/poster, etc.

 

If you have any idea that you have a malware situation...please tell us why and we can try to move this topic to the correct forum for such.

 

Louis



#5 kiwipoppy

kiwipoppy
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 27 March 2013 - 05:19 PM

Activity includes hidden files that can't be unhidden
Firewall disabled
windows update disabled
system restore disabled and access blocked to System Volume information...this appears in scans as C\:SYSTEM~1
Hidden services running at startup
Access denied in various areas of registry,and permissions that can be changed revert back on reboot
Built in admin denied specific permissions(seen in Process Explorer)
''Account Unknown'' appears in some file properties
Malwarebytes found Trojan activity but I think there are areas that need cleaning up
When I was connected to internet,credit card details were stolen,and various unknown websites were being accessed
Anti virus programs appear to install but either will not run,or update,or skip hundreds of files
Recycle bin is corrupted
Reinstalling Windows does NOT help
MBAM log attached

Attached Files


Edited by kiwipoppy, 28 March 2013 - 02:38 PM.


#6 kiwipoppy

kiwipoppy
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 31 March 2013 - 02:22 PM

So should I post in malware removal?thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users